News

Critical ConnectWise ScreenConnect vulnerabilities fixed, patch ASAP!

ConnectWise, Don't miss, Hot stuff, MSP, News, remote access, remote management, security update, SMBs, vulnerability /

Critical ConnectWise ScreenConnect vulnerabilities fixed, patch ASAP! 2024-02-20 at 12:16 By Zeljka Zorz ConnectWise has fixed two vulnerabilities in ScreenConnect that could allow attackers to execute remote code or directly impact confidential data or critical systems. “There is no evidence that these vulnerabilities have been exploited in the wild, but immediate action must be taken […]

Critical ConnectWise ScreenConnect vulnerabilities fixed, patch ASAP! Read More »

How to make sense of the new SEC cyber risk disclosure rules

Asimily, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Risk Management, strategy /

How to make sense of the new SEC cyber risk disclosure rules 2024-02-20 at 08:01 By Help Net Security SEC’s new cybersecurity risk management, strategy, governance, and incident disclosure rules, which require increased transparency around cybersecurity incidents, have been in effect since December 18, 2023. For businesses that already harbor concerns over their cybersecurity protections,

How to make sense of the new SEC cyber risk disclosure rules Read More »

How decentralized identity is shaping the future of data protection

authentication, cybersecurity, digital wallet, Don't miss, Features, Hot stuff, identity, identity management, News, opinion, Ping Identity, Privacy, standards /

How decentralized identity is shaping the future of data protection 2024-02-20 at 07:32 By Mirko Zorz In this Help Net Security interview, Patrick Harding, Chief Architect at Ping Identity, discusses the promises and implications of decentralized identity (DCI) in cybersecurity. By redistributing identity management responsibilities among issuers, holders, and verifiers, DCI empowers individuals to selectively

How decentralized identity is shaping the future of data protection Read More »

36% of code generated by GitHub CoPilot contains security flaws

code, Don't miss, News, report, software development, survey, Veracode /

36% of code generated by GitHub CoPilot contains security flaws 2024-02-20 at 06:32 By Help Net Security Security debt, defined as flaws that remain unfixed for longer than a year, exists in 42% of applications and 71% of organizations, according to Veracode. Worryingly, 46% of organizations have persistent, high-severity flaws that constitute ‘critical’ security debt,

36% of code generated by GitHub CoPilot contains security flaws Read More »

Clean links and sophisticated scams mark new era in email attacks

Artificial Intelligence, cybercriminals, Email, Malware, News, phishing, report, social engineering, VIPRE Security /

Clean links and sophisticated scams mark new era in email attacks 2024-02-20 at 06:05 By Help Net Security Analysis of 7 billion emails shows clean links are duping users, malicious EML attachments increased 10-fold in Q4, and social engineering attacks are at all-time highs, according to VIPRE Security. The rise of the EML file attachments

Clean links and sophisticated scams mark new era in email attacks Read More »

Balancing “super app” ambitions with privacy

Artificial Intelligence, cybersecurity, data, Don't miss, Encryption, Expert analysis, Expert corner, Hot stuff, News, opinion, Privacy, Zama /

Balancing “super app” ambitions with privacy 2024-02-19 at 08:31 By Help Net Security When Elon Musk’s ambitions to transform X into an “everything app” were divulged last year, he joined several companies known to be exploring or actively working on developing super apps, suggesting there’s clearly a niche to be filled. In fact, since the

Balancing “super app” ambitions with privacy Read More »

CVE Prioritizer: Open-source tool to prioritize vulnerability patching

CVE, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, software /

CVE Prioritizer: Open-source tool to prioritize vulnerability patching 2024-02-19 at 08:01 By Mirko Zorz CVE Prioritizer is an open-source tool designed to assist in prioritizing the patching of vulnerabilities. It integrates data from CVSS, EPSS, and CISA’s KEV catalog to offer insights into the probability of exploitation and the potential effects of vulnerabilities on your

CVE Prioritizer: Open-source tool to prioritize vulnerability patching Read More »

Inside the strategy of Salesforce’s new Chief Trust Officer

Artificial Intelligence, Compliance, cybersecurity, data security, Don't miss, Features, Hot stuff, News, opinion, Privacy, Salesforce, strategy /

Inside the strategy of Salesforce’s new Chief Trust Officer 2024-02-19 at 07:32 By Mirko Zorz Recently, Salesforce named Brad Arkin, previously Chief Security & Trust Officer at Cisco, the company’s new Chief Trust Officer. This was the perfect opportunity to find out more about his plans. In this Help Net Security interview, Arkin discusses a

Inside the strategy of Salesforce’s new Chief Trust Officer Read More »

RCE vulnerabilities fixed in SolarWinds enterprise solutions

access management, Don't miss, enterprise, Hot stuff, News, SolarWinds, vulnerability /

RCE vulnerabilities fixed in SolarWinds enterprise solutions 2024-02-19 at 07:01 By Zeljka Zorz SolarWinds has released updates for Access Rights Manager (ARM) and (Orion) Platform that fix vulnerabilities that could allow attackers to execute code on vulnerable installations. SolarWinds ARM flaws fixed SolarWinds, the company whose Orion IT administration platform has been infamously compromised in

RCE vulnerabilities fixed in SolarWinds enterprise solutions Read More »

Fraudsters have found creative ways to scam some businesses

cybercrime, cybersecurity, Experian, fraud, News, online payment, report, survey /

Fraudsters have found creative ways to scam some businesses 2024-02-19 at 06:31 By Help Net Security 70% of businesses report that fraud losses have increased in recent years and over half of consumers feel they’re more of a fraud target than a year ago, according to Experian. To thwart fraudulent activity in 2024, businesses need

Fraudsters have found creative ways to scam some businesses Read More »

Week in review: AnyDesk phishing campaign targets employees, Microsoft fixes exploited zero-days

News, Week in review /

Week in review: AnyDesk phishing campaign targets employees, Microsoft fixes exploited zero-days 2024-02-18 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Integrating cybersecurity into vehicle design and manufacturing In this Help Net Security interview, Yaron Edan, CISO at REE Automotive, discusses the

Week in review: AnyDesk phishing campaign targets employees, Microsoft fixes exploited zero-days Read More »

U.S. authorities disrupt Russian intelligence’s botnet

FBI, Justice Department, News /

U.S. authorities disrupt Russian intelligence’s botnet 2024-02-16 at 13:03 By Help Net Security In January 2024, an operation dismantled a network of hundreds of SOHO routers controlled by GRU Military Unit 26165, also known as APT 28, Sofacy Group, Forest Blizzard, Pawn Storm, Fancy Bear, and Sednit. This network facilitated various crimes, including extensive spearphishing

U.S. authorities disrupt Russian intelligence’s botnet Read More »

Gmail & Yahoo DMARC rollout: When cyber compliance gives a competitive edge

authentication, Compliance, cybersecurity, Don't miss, EasyDMARC, Email, Expert analysis, Expert corner, Gmail, Hot stuff, News, opinion, standards, Yahoo /

Gmail & Yahoo DMARC rollout: When cyber compliance gives a competitive edge 2024-02-16 at 08:01 By Help Net Security The essence of cybersecurity is not just about defense but enabling business through trust and reliability. As Gmail and Yahoo take steps to enforce stricter email authentication, organizations that are proactive in their DMARC compliance will

Gmail & Yahoo DMARC rollout: When cyber compliance gives a competitive edge Read More »

New infosec products of the week: February 16, 2024

Appdome, Center for Internet Security, CompliancePro Solutions, Cyberhaven, LOKKER, News, Sumsub /

New infosec products of the week: February 16, 2024 2024-02-16 at 07:31 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Appdome, Center for Internet Security, Cyberhaven, LOKKER, Sumsub, and CompliancePro Solutions. CIS ESS Mobile offers visibility into blind spots on mobile devices CIS ESS

New infosec products of the week: February 16, 2024 Read More »

Physical security is becoming a top priority in building design

Brivo, News, physical security, report, smart building, survey /

Physical security is becoming a top priority in building design 2024-02-16 at 06:32 By Help Net Security Despite the importance of security, it was, until recently, an afterthought in building design, according to Brivo. Rather than considering security from the very beginning, it was addressed later. This meant costly retrofit efforts such as installing cameras

Physical security is becoming a top priority in building design Read More »

Cyber threats cast shadow over 2024 elections

cyber espionage, cybercrime, cybersecurity, election security, News, report, survey, Tidal Cyber /

Cyber threats cast shadow over 2024 elections 2024-02-16 at 06:01 By Help Net Security Considering that 2024 is a historic year for elections – with an estimated half of the world’s population taking part in democratic votes – this high threat of cyber interference has significant implications for global free society, threatening to undermine confidence

Cyber threats cast shadow over 2024 elections Read More »

Battery maker Varta halts production after cyberattack

cyberattack, Don't miss, EU, Germany, Hot stuff, manufacturing sector, News /

Battery maker Varta halts production after cyberattack 2024-02-15 at 14:17 By Helga Labus German battery manufacturer Varta was forced to shut down its IT systems and stop production as a result of a cyberattack. The Varta cyberattack The cyberattack occurred on Monday night and affected five of the company’s production plants and the administration. According

Battery maker Varta halts production after cyberattack Read More »

iOS users beware: GoldPickaxe trojan steals your facial data

China, cybercrime, cybercriminals, cybersecurity, Don't miss, Group-IB, iOS, iPhone, Malware, News, smartphones, trojan /

iOS users beware: GoldPickaxe trojan steals your facial data 2024-02-15 at 12:16 By Help Net Security Group-IB uncovered a new iOS trojan designed to steal users’ facial recognition data, identity documents, and intercept SMS. The trojan, dubbed GoldPickaxe.iOS by Group-IB’s Threat Intelligence unit, has been attributed to a Chinese-speaking threat actor codenamed GoldFactory, responsible for

iOS users beware: GoldPickaxe trojan steals your facial data Read More »

AI outsourcing: A strategic guide to managing third-party risks

Artificial Intelligence, cyber insurance, cybersecurity, data security, Don't miss, Expert analysis, Expert corner, Founder Shield, Hot stuff, News, opinion, policy, Privacy, strategy /

AI outsourcing: A strategic guide to managing third-party risks 2024-02-15 at 08:01 By Help Net Security In an era of artificial intelligence (AI) revolutionizing business practices, many companies are turning to third-party AI services for a competitive edge. However, this approach comes with its own set of risks. From data security concerns to operational disruptions,

AI outsourcing: A strategic guide to managing third-party risks Read More »

5 free digital forensics tools to boost your investigations

computer forensics, cybersecurity, digital forensics, Don't miss, GitHub, Hot stuff, News, software /

5 free digital forensics tools to boost your investigations 2024-02-15 at 07:32 By Help Net Security Digital forensics plays a crucial role in analyzing and addressing cyberattacks, and it’s a key component of incident response. Additionally, digital forensics provides vital information for auditors, legal teams, and law enforcement agencies in the aftermath of an attack.

5 free digital forensics tools to boost your investigations Read More »

Scroll to Top